<?php

// phpMyRealty 3
//
// File Name: alertsMailer.php
// File Location : ./admin/
//
// Copyright (c)2009 phpMyRealty.com
//
// e-mail: support@phpMyRealty.com

// Include configuration file and general functions
// Entry-point markers, declared before anything is included.
// NOTE(review): presumably the included files test these constants to refuse
// direct requests - confirm in config.php / defaults.php.
define('PMR', 'true');
define('PMRADMIN', 'true');

// Configuration first, then the shared helpers. PATH is not defined in this
// file, so it presumably comes from config.php.
include '.././config.php';
include PATH . '/defaults.php';

// ----------------------------------------------------------------------
// ADMIN PANEL / ALERTS MAILER

// Text for the page title tag
$title = $lang['Admin_Mailer'];

// Shared admin template header
include PATH . '/admin/template/header.php';

// If logged we can start the page output
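// Only an authenticated administrator may reach the mailer
if (adminAuth($session->fetch('adminlogin'), $session->fetch('adminpassword')))

 {
  // Include navigation panel
  $session->set('navigation', '');
  include ( PATH . '/admin/navigation.php' );

  // Make sure this administrator has access to this script
  adminPermissionsCheck('manage_settings', $session->fetch('adminlogin')) or error ('Critical Error', 'Incorrect privileges');

  // NOTE(review): no anti-CSRF token is generated or verified anywhere in
  // this file, so the POST below is accepted on the strength of the admin
  // session alone. If the project has a token helper, check it here before
  // any mail is sent.

  // If the Submit button was pressed we start this routine
  if (isset($_POST['submit_mailer']) 
  && $_POST['submit_mailer'] == $lang['Admin_Mailer_Submit'])
   {

    // safehtml() the scalar POST fields so they can be re-printed in the
    // form. Array fields (agent[]) are skipped: they are validated on their
    // own below, and passing an array to a string helper is what the old
    // "@" suppression was hiding.
    $form = array('subject' => '', 'message' => '');

    foreach ($_POST as $field => $value)
     {
      if (!is_array($value))
       $form[$field] = safehtml($value);
     }

    // Normalise the posted selection to a list, whether the browser sent
    // agent[] (multi-select) or a single agent value
    $selected = array();

    if (isset($_POST['agent']))
     $selected = is_array($_POST['agent']) ? $_POST['agent'] : array($_POST['agent']);

    $recipients = array();

    foreach ($selected as $id)
     {
      // The id is concatenated unquoted into the query, so a legitimate
      // value has to be a plain number. Anything else (empty string, nested
      // array, SQL fragments) is dropped before it can reach the database.
      if (!is_string($id) || !preg_match('/^[0-9]+$/D', $id))
       continue;

      $sql = 'SELECT * FROM ' . ALERTS_TABLE . ' WHERE code = ' . $id . ' ';
      $r = $db->query($sql);
      $f = $db->fetcharray($r);

      // No matching row means no address to add
      if (isset($f['email']) && $f['email'] != '')
       $recipients[] = $f['email'];
     }

    $mail = new PHPMailer();

    if(PHPMAILER == '3') {
     $mail->IsSMTP(); // set mailer to use SMTP
     $mail->Host = $smtp['host'];  // specify main and backup server
     $mail->SMTPAuth = true;     // turn on SMTP authentication
     $mail->Username = $smtp['login'];  // SMTP username
     $mail->Password = $smtp['password']; // SMTP password
     // NOTE(review): no transport security (SMTPSecure) is configured here,
     // so whether these credentials travel over TLS depends on the bundled
     // PHPMailer defaults and the server - confirm.
    }
    elseif(PHPMAILER == '2') {
     $mail->IsSendmail(); // set mailer to use the sendmail program
    }
    // Any other value leaves PHPMailer on its default transport

    $mail->From = $conf['general_e_mail'];
    $mail->FromName = $conf['general_e_mail_name'];
    $mail->AddAddress($conf['general_e_mail']);

    // Subscribers go in BCC so they do not see each other's addresses
    foreach ($recipients as $email)
     $mail->AddBCC($email);

    $mail->Subject = $form['subject'];

    // NOTE(review): in stock PHPMailer MsgHTML is a method, not a property;
    // assigning to it like this would leave the HTML body unset. Left as-is
    // because the bundled class is not visible here - confirm and switch to
    // a method call if so.
    $mail->MsgHTML = unsafehtml($form['message']);
    $mail->AltBody = removehtml($form['message']);

    // Report success only when the mailer accepted the message; otherwise
    // show the mailer's own error text, escaped for HTML output
    if ($mail->Send())
     echo $lang['Admin_Mailer_Sent'];
    else
     echo htmlspecialchars((string) $mail->ErrorInfo, ENT_QUOTES);

   }

  // If we open mailer.php for the first time
  // or there were errors found in the form fields 
  // we output the form again with the old variables 
  // included.
  // $count_error is not assigned anywhere in this file, so unless an
  // included file sets it the form is printed on every request.
  if (!isset($count_error) || $count_error > '0')
   {

    echo table_header ( $lang['Admin_Mailer'] );

    // Define the form variables if the form is loaded for the first time
    if (!isset($form))
     {
      $form = array();
      $form['subject'] = '';
      $form['message'] = '';
     }

    // Output the form
    echo '
     <form action="' . URL . '/admin/alertsMailer.php" method="POST" name="form" id="form">
      <table width="100%" cellpadding="5" cellspacing="0" border="0">
         ';

    // List every alert subscriber as a selectable recipient
    $sql = 'SELECT * FROM ' . ALERTS_TABLE . ' ORDER BY name';
    $r = $db->query($sql);

    $options = '';

    // Database values are escaped on output so a stored name or code cannot
    // inject markup into the admin page.
    // NOTE(review): if these columns are stored already passed through
    // safehtml(), entities will show double-encoded; in that case pass
    // double_encode = false together with the site's charset.
    while ($f = $db->fetcharray($r))
     $options .= '<option value="' . htmlspecialchars((string) $f['code'], ENT_QUOTES) . '">' . htmlspecialchars((string) $f['name'], ENT_QUOTES) . '</option>';

    echo userform ($lang['Admin_Mailer_To'] , '<select multiple size="5" name="agent[]">' . $options . '</select>');

    // NOTE(review): the subject is printed inside a double-quoted attribute
    // and relies on safehtml() having escaped quotes - confirm.
    echo userform ($lang['Admin_Mailer_Subject'], '<input type="text" name="subject" value="' . $form['subject'] . '">', '1');

    // The decoded message is re-escaped before it goes between the textarea
    // tags: the browser decodes entities there, so the editor still receives
    // the original HTML, but posted markup can no longer close the element.
    echo userform ($lang['Admin_Mailer_Message'], '<textarea class="ckeditor" cols="45" rows="4"  name="message" id="message" >' . htmlspecialchars((string) unsafehtml($form['message']), ENT_QUOTES) . '</textarea>', '1');
 
    echo userform ('', '<input type="Submit" name="submit_mailer" value="' . $lang['Admin_Mailer_Submit'] . '">');

    echo '
      </table>
     </form>
    ';

    echo table_footer ();
   }

 }

else

  error ('Critical Error' , 'Please, login to access this script.');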

// Template footer
include PATH . '/admin/template/footer.php';

?>